21 matches found
CVE-2026-40631
An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2026-40631 BIG-IP iControl SOAP vulnerability
An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2026-40631 BIG-IP iControl SOAP vulnerability
An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
K000160979: BIG-IP iControl SOAP vulnerability CVE-2026-40631
Security Advisory Description An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. CVE-2026-40631 Impact This vulnerability may allow a remote, authenticated attacker with Resource...
CVE-2023-40631
In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed...
EUVD-2023-40631
Malicious code in bioql PyPI...
CVE-2022-40631
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0),...
CVE-2025-40631 HTTP host header injection vulnerability in IceWarp Mail Server
HTTP host header injection vulnerability in IceWarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScript code can be executed on page load. The user must interact with a malicious link to be redirected...
CVE-2024-40631
Plate media is an open source, rich-text editor for React. Editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook may be vulnerable to XSS if a custom parser allows javascript:, data: or vbscript: URLs to be embedded. Editors that do not use urlParsers and consume...
CVE-2024-40631
Plate media is an open source, rich-text editor for React. Editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook may be vulnerable to XSS if a custom parser allows javascript:, data: or vbscript: URLs to be embedded. Editors that do not use urlParsers and consume...
CVE-2024-40631 Cross-site Scripting (XSS) in media embed element when using custom URL parsers in plate media
Plate media is an open source, rich-text editor for React. Editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook may be vulnerable to XSS if a custom parser allows javascript:, data: or vbscript: URLs to be embedded. Editors that do not use urlParsers and consume...
CVE-2024-40631 Cross-site Scripting (XSS) in media embed element when using custom URL parsers in plate media
Plate media is an open source, rich-text editor for React. Editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook may be vulnerable to XSS if a custom parser allows javascript:, data: or vbscript: URLs to be embedded. Editors that do not use urlParsers and consume...
CVE-2024-40631 Cross-site Scripting (XSS) in media embed element when using custom URL parsers in plate media
Plate media is an open source, rich-text editor for React. Editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook may be vulnerable to XSS if a custom parser allows javascript:, data: or vbscript: URLs to be embedded. Editors that do not use urlParsers and consume...
CVE-2023-40631
creationtimestamp | type | source
---|---|---
2023-10-08 07:15:01+00:00 | seen | https://t.me/cibsecurity/71779...
CVE-2023-40631
No public technical details are provided in the supplied documents for CVE-2023-40631 beyond the description of a missing permission check in Dialer causing local information disclosure; monitor for updates.
Siemens SCALANCE X-200 and X-200IRT Families Improper Neutralization of Input During Web Page Generation (CVE-2022-40631)
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0),...
CVE-2022-40631
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0),...
CVE-2022-40631
CVE-2022-40631 affects Siemens SCALANCE X-200/X-200IRT device families (including X200-4P, X201-3P/IRT PRO, X202-2IRT/IRT PRO, X204-2/X204IRT, X206-1, X208, X212-2, X216, X224, and XF/XIR variants) with all affected versions prior to specified fixed versions. The root cause is improper neutraliza...
Easy CD-DA Recorder PLS Buffer Overflow Exploit
Exploit for windows platform in category local exploits require 'msf/core' class Metasploit3 'Easy CD-DA Recorder PLS Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in Easy CD-DA Recorder 2007, caused by a long string in a playlist entry. By...
Easy CD-DA Recorder PLS Buffer Overflow
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Easy CD-DA Recorder PLS Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in Easy...